[prev in list] [next in list] [prev in thread] [next in thread] 

List:       nmap-dev
Subject:    [Patch] XML progress reporting
From:       "Adam Vartanian" <flooey () gmail ! com>
Date:       2006-06-27 7:21:13
Message-ID: 450ee1cb0606270021i71840529wb0382b54ced6cfb0 () mail ! gmail ! com
[Download RAW message or body]

Hey all, attached is a patch for adding timing information to the XML
output if verbose output is specified.  The timing information is the
same as what is sent to stdout, but more geared toward processing by a
program (thus, for instance, times are reported as timestamps instead
of clock times).

There are three new elements in the XML output: <taskbegin>,
<taskprogress>, and <taskend>.  <taskbegin> and <taskend> indicate the
time when a particular step in the scanning process was started or
completed, and <scanprogress> updates what the current status of an
ongoing task is.  <taskprogress> should always be between a begin and
end, and begins and ends should always be properly paired.

As part of this, I also refactored and standardized the way that
progress information is sent to stdout, which may break programs which
are parsing that stream, but it should make parsing and coding easier
in the long run.  The new info in the XML output would probably make
that a better choice for parsing now as well.

An example of normal output resulting from this patch:

$ sudo ./nmap -oX output.xml -sSV -T4 -v scanme.insecure.org
Starting Nmap 4.20ALPHA3 ( http://www.insecure.org/nmap/ ) at
2006-06-27 01:04 EDT
Initiating System DNS resolution at 01:04
Completed System DNS resolution at 01:04, 0.15s elapsed
Initiating System CNAME DNS resolution at 01:04
Completed System CNAME DNS resolution at 01:04, 0.00s elapsed
DNS resolution of 1 IPs took 0.26s.
Initiating SYN Stealth Scan at 01:04
Discovered open port 53/tcp on 205.217.153.62
Discovered open port 80/tcp on 205.217.153.62
Discovered open port 22/tcp on 205.217.153.62
SYN Stealth Scan Timing: About 13.85% done; ETC: 01:08 (0:03:07 remaining)
Completed SYN Stealth Scan at 01:06, 91.24s elapsed (1680 total ports)
Initiating Service scan at 01:06
Scanning 3 services on scanme.nmap.org (205.217.153.62)
Completed Service scan at 01:06, 11.35s elapsed (3 services on 1 host)
OSScan against host 205.217.153.62: assuming TCP port 22 is open, 25
is closed, UDP port 33931 is closed and none is firewalled
OSScan against host 205.217.153.62: assuming TCP port 22 is open, 25
is closed, UDP port 30465 is closed and none is firewalled
OSScan against host 205.217.153.62: assuming TCP port 22 is open, 25
is closed, UDP port 36252 is closed and none is firewalled
OSScan against host 205.217.153.62 now falls back on the old OS scan system
For OSScan assuming port 22 is open, 25 is closed, and neither are firewalled
Host scanme.nmap.org (205.217.153.62) appears to be up ... good.
Interesting ports on scanme.nmap.org (205.217.153.62):
Not shown: 1674 filtered ports
PORT    STATE  SERVICE VERSION
22/tcp  open   ssh     OpenSSH 4.3 (protocol 2.0)
25/tcp  closed smtp
53/tcp  open   domain
70/tcp  closed gopher
80/tcp  open   http    Apache httpd 2.2.0 ((Fedora))
113/tcp closed auth
Device type: general purpose|broadband router|firewall
Running: Linux 2.4.X|2.5.X|2.6.X, D-Link embedded, WatchGuard embedded
OS details: Linux 2.4.0 - 2.5.20, Linux 2.4.18 - 2.4.20, Linux 2.4.26,
Linux 2.4.27 or D-Link DSL-500T (running linux 2.4), Linux 2.4.7 -
2.6.11, Linux 2.6.0 - 2.6.11, WatchGuard Firebox X700
TCP Sequence Prediction: Class=random positive increments
                         Difficulty=3248145 (Good luck!)
IPID Sequence Generation: All zeros

Nmap finished: 1 IP address (1 host up) scanned in 120.558 seconds
               Raw packets sent: 5167 (233.910KB) | Rcvd: 72 (4492B)



And the relevant section of the XML that is generated:

...
<verbose level="1" />
<debugging level="0" />
<taskbegin task="System DNS resolution" time="1151384684" />
<taskend task="System DNS resolution" time="1151384685" />
<taskbegin task="System CNAME DNS resolution" time="1151384685" />
<taskend task="System CNAME DNS resolution" time="1151384685" />
<taskbegin task="SYN Stealth Scan" time="1151384685" />
<taskprogress task="SYN Stealth Scan" time="1151384715"
percent="13.85" remaining="187" etc="1151384902" />
<taskend task="SYN Stealth Scan" time="1151384776" />
<taskbegin task="Service scan" time="1151384776" />
<taskend task="Service scan" time="1151384788" />
<host><status state="up" />
<address addr="205.217.153.62" addrtype="ipv4" />
<hostnames><hostname name="scanme.nmap.org" type="PTR" /></hostnames>
...

This patch also adds the <distance> element to the DTD, which I
discovered was missing.

- Adam


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev


[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic